WO2010053739A3 - Method and system for restricting file access in a computer system - Google Patents
Method and system for restricting file access in a computer system Download PDFInfo
- Publication number
- WO2010053739A3 WO2010053739A3 PCT/US2009/062074 US2009062074W WO2010053739A3 WO 2010053739 A3 WO2010053739 A3 WO 2010053739A3 US 2009062074 W US2009062074 W US 2009062074W WO 2010053739 A3 WO2010053739 A3 WO 2010053739A3
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- security policy
- file
- file access
- computer system
- access
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
Abstract
A computer-implemented method is provided of controlling file access in a computer system. The method includes: (a) reading file association information; (b) building a security policy in accordance with the file association information comprising rules that restrict the access of applications to files based on file type, format, or extension; and (c) providing additional rules for the security policy not based on the file association information; (d) storing the security policy; and (e) controlling file access in accordance with the security policy.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US12/267,600 US20100122313A1 (en) | 2008-11-09 | 2008-11-09 | Method and system for restricting file access in a computer system |
US12/267,600 | 2008-11-09 |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2010053739A2 WO2010053739A2 (en) | 2010-05-14 |
WO2010053739A3 true WO2010053739A3 (en) | 2010-07-29 |
Family
ID=42153483
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US2009/062074 WO2010053739A2 (en) | 2008-11-09 | 2009-10-26 | Method and system for restricting file access in a computer system |
Country Status (2)
Country | Link |
---|---|
US (1) | US20100122313A1 (en) |
WO (1) | WO2010053739A2 (en) |
Families Citing this family (47)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
GB2466455A (en) * | 2008-12-19 | 2010-06-23 | Qinetiq Ltd | Protection of computer systems |
TWI407327B (en) * | 2009-11-24 | 2013-09-01 | Phison Electronics Corp | Method and system for processing data, and storage device controller |
US8631346B2 (en) * | 2010-05-12 | 2014-01-14 | Red Hat, Inc. | File conversion initiated by renaming of file extension |
US8458741B2 (en) * | 2010-05-27 | 2013-06-04 | Sony Corporation | Provision of TV ID to non-TV device to enable access to TV services |
US8417962B2 (en) * | 2010-06-11 | 2013-04-09 | Microsoft Corporation | Device booting with an initial protection component |
CN101951443A (en) * | 2010-09-25 | 2011-01-19 | 宇龙计算机通信科技(深圳)有限公司 | File security method, system and mobile terminal |
KR101156227B1 (en) * | 2010-11-22 | 2012-06-18 | 주식회사 파수닷컴 | File processing device for executing preprocessed file and recording medium for executing preprocessed file |
CN102622537A (en) * | 2011-01-31 | 2012-08-01 | 中兴通讯股份有限公司 | Method and device for processing virus file |
US9262246B2 (en) | 2011-03-31 | 2016-02-16 | Mcafee, Inc. | System and method for securing memory and storage of an electronic device with a below-operating system security agent |
US8813227B2 (en) | 2011-03-29 | 2014-08-19 | Mcafee, Inc. | System and method for below-operating system regulation and control of self-modifying code |
US8959638B2 (en) | 2011-03-29 | 2015-02-17 | Mcafee, Inc. | System and method for below-operating system trapping and securing of interdriver communication |
US9317690B2 (en) | 2011-03-28 | 2016-04-19 | Mcafee, Inc. | System and method for firmware based anti-malware security |
US8925089B2 (en) | 2011-03-29 | 2014-12-30 | Mcafee, Inc. | System and method for below-operating system modification of malicious code on an electronic device |
US9032525B2 (en) | 2011-03-29 | 2015-05-12 | Mcafee, Inc. | System and method for below-operating system trapping of driver filter attachment |
US9087199B2 (en) * | 2011-03-31 | 2015-07-21 | Mcafee, Inc. | System and method for providing a secured operating system execution environment |
US8863283B2 (en) | 2011-03-31 | 2014-10-14 | Mcafee, Inc. | System and method for securing access to system calls |
US8966624B2 (en) | 2011-03-31 | 2015-02-24 | Mcafee, Inc. | System and method for securing an input/output path of an application against malware with a below-operating system security agent |
US8966629B2 (en) | 2011-03-31 | 2015-02-24 | Mcafee, Inc. | System and method for below-operating system trapping of driver loading and unloading |
US9038176B2 (en) | 2011-03-31 | 2015-05-19 | Mcafee, Inc. | System and method for below-operating system trapping and securing loading of code into memory |
JP5708197B2 (en) * | 2011-04-21 | 2015-04-30 | 富士ゼロックス株式会社 | Information processing apparatus and program |
CN102194072B (en) * | 2011-06-03 | 2012-11-14 | 奇智软件(北京)有限公司 | Method, device and system used for handling computer virus |
US9076008B1 (en) * | 2011-06-27 | 2015-07-07 | Amazon Technologies, Inc. | Content protection on an electronic device |
US8631244B1 (en) | 2011-08-11 | 2014-01-14 | Rockwell Collins, Inc. | System and method for preventing computer malware from exfiltrating data from a user computer in a network via the internet |
US9059853B1 (en) | 2012-02-22 | 2015-06-16 | Rockwell Collins, Inc. | System and method for preventing a computing device from obtaining unauthorized access to a secure network or trusted computing environment |
EP2831787B1 (en) * | 2012-03-30 | 2020-07-08 | Irdeto B.V. | Method and system for preventing and detecting security threats |
US8661246B1 (en) | 2012-04-09 | 2014-02-25 | Rockwell Collins, Inc. | System and method for protecting certificate applications using a hardened proxy |
US8984582B2 (en) * | 2012-08-14 | 2015-03-17 | Confidela Ltd. | System and method for secure synchronization of data across multiple computing devices |
CN102932530B (en) * | 2012-09-27 | 2014-12-31 | 东莞宇龙通信科技有限公司 | Mobile terminal and file processing method for same |
JP6091144B2 (en) * | 2012-10-10 | 2017-03-08 | キヤノン株式会社 | Image processing apparatus, control method therefor, and program |
EP2956883B1 (en) * | 2013-02-14 | 2017-03-22 | VMware, Inc. | Method and apparatus for application awareness in a network |
US9560103B2 (en) * | 2013-06-26 | 2017-01-31 | Echostar Technologies L.L.C. | Custom video content |
US9430674B2 (en) | 2014-04-16 | 2016-08-30 | Bank Of America Corporation | Secure data access |
US9378384B2 (en) | 2014-04-16 | 2016-06-28 | Bank Of America Corporation | Secure endpoint file export in a business environment |
US9432369B2 (en) * | 2014-04-16 | 2016-08-30 | Bank Of America Corporation | Secure data containers |
RU2584505C2 (en) * | 2014-04-18 | 2016-05-20 | Закрытое акционерное общество "Лаборатория Касперского" | System and method for filtering files to control applications |
US10277601B1 (en) | 2015-05-11 | 2019-04-30 | Google Llc | System and method for recursive propagating application access control |
KR20170019762A (en) * | 2015-08-12 | 2017-02-22 | 삼성전자주식회사 | Electronic device for controlling file sysytem and operating method thereof |
WO2017095364A1 (en) * | 2015-11-30 | 2017-06-08 | Hewlett Packard Enterprise Development Lp | Managing access of objects of a plurality of types |
ES2699703T3 (en) * | 2016-03-17 | 2019-02-12 | HD PLUS GmbH | Procedure and system to generate a list of access to media channels |
US10356113B2 (en) * | 2016-07-11 | 2019-07-16 | Korea Electric Power Corporation | Apparatus and method for detecting abnormal behavior |
US10817492B2 (en) * | 2017-05-05 | 2020-10-27 | Servicenow, Inc. | Application extension |
US11062021B2 (en) * | 2017-08-29 | 2021-07-13 | NortonLifeLock Inc. | Systems and methods for preventing malicious applications from exploiting application services |
CN109359092B (en) * | 2018-09-27 | 2023-05-26 | 腾讯科技(深圳)有限公司 | File management method, desktop display method, device, terminal and medium |
US11029970B2 (en) * | 2018-10-24 | 2021-06-08 | Sap Se | Operating system extension framework |
US10990673B1 (en) | 2019-05-24 | 2021-04-27 | Trend Micro Inc. | Protection of antivirus daemon in a computer |
US11503124B1 (en) * | 2021-05-21 | 2022-11-15 | Red Hat, Inc. | Managing resource utilization in edge-computing systems |
CN113221194B (en) * | 2021-06-07 | 2024-03-08 | 云尖(北京)软件有限公司 | Tamper web page hybrid detection technology |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020174369A1 (en) * | 2001-04-24 | 2002-11-21 | Hitachi, Ltd. | Trusted computer system |
US20030120601A1 (en) * | 2001-12-12 | 2003-06-26 | Secretseal Inc. | Dynamic evaluation of access rights |
US20050251508A1 (en) * | 2004-05-10 | 2005-11-10 | Masaaki Shimizu | Program and method for file access control in a storage system |
US20060120526A1 (en) * | 2003-02-28 | 2006-06-08 | Peter Boucher | Access control to files based on source information |
US20080189767A1 (en) * | 2007-02-01 | 2008-08-07 | Microsoft Corporation | Accessing file resources outside a security boundary |
Family Cites Families (23)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0676069B1 (en) * | 1992-12-28 | 1998-03-11 | Apple Computer, Inc. | File translation system |
US6047312A (en) * | 1995-07-07 | 2000-04-04 | Novell, Inc. | System for replicating and associating file types with application programs among plurality of partitions in a server |
US5974572A (en) * | 1996-10-15 | 1999-10-26 | Mercury Interactive Corporation | Software system and methods for generating a load test using a server access log |
US6026402A (en) * | 1998-01-07 | 2000-02-15 | Hewlett-Packard Company | Process restriction within file system hierarchies |
US7536524B2 (en) * | 1998-07-31 | 2009-05-19 | Kom Networks Inc. | Method and system for providing restricted access to a storage medium |
US6549916B1 (en) * | 1999-08-05 | 2003-04-15 | Oracle Corporation | Event notification system tied to a file system |
US6907421B1 (en) * | 2000-05-16 | 2005-06-14 | Ensim Corporation | Regulating file access rates according to file type |
US6662186B1 (en) * | 2000-07-14 | 2003-12-09 | Hewlett-Packard Development Company, L.P. | System and method for a data propagation file format |
US20080021936A1 (en) * | 2000-10-26 | 2008-01-24 | Reynolds Mark L | Tools and techniques for original digital files |
US8032542B2 (en) * | 2000-10-26 | 2011-10-04 | Reynolds Mark L | Creating, verifying, managing, and using original digital files |
US20040015890A1 (en) * | 2001-05-11 | 2004-01-22 | Windriver Systems, Inc. | System and method for adapting files for backward compatibility |
US6917953B2 (en) * | 2001-12-17 | 2005-07-12 | International Business Machines Corporation | System and method for verifying database security across multiple platforms |
US6931530B2 (en) * | 2002-07-22 | 2005-08-16 | Vormetric, Inc. | Secure network file access controller implementing access control and auditing |
GB2398134A (en) * | 2003-01-27 | 2004-08-11 | Hewlett Packard Co | Applying a data handing policy to predetermined system calls |
US7401105B2 (en) * | 2003-10-02 | 2008-07-15 | International Business Machines Corporation | Method, system, and program product for retrieving file processing software |
US7660999B2 (en) * | 2004-06-22 | 2010-02-09 | Microsoft Corporation | MIME handling security enforcement |
WO2007142615A2 (en) * | 2005-02-18 | 2007-12-13 | Credant Technologies, Inc. | System and method for intelligence based security |
US7840573B2 (en) * | 2005-02-22 | 2010-11-23 | Trusted Computer Solutions | Trusted file relabeler |
US20060259948A1 (en) * | 2005-05-12 | 2006-11-16 | International Business Machines Corporation | Integrated document handling in distributed collaborative applications |
US8126856B2 (en) * | 2005-05-26 | 2012-02-28 | Hewlett-Packard Development Company, L.P. | File access management system |
US7613918B2 (en) * | 2006-02-16 | 2009-11-03 | Finjan Software Ltd. | System and method for enforcing a security context on a downloadable |
US20080101613A1 (en) * | 2006-10-27 | 2008-05-01 | Brunts Randall T | Autonomous Field Reprogramming |
US20080229419A1 (en) * | 2007-03-16 | 2008-09-18 | Microsoft Corporation | Automated identification of firewall malware scanner deficiencies |
-
2008
- 2008-11-09 US US12/267,600 patent/US20100122313A1/en not_active Abandoned
-
2009
- 2009-10-26 WO PCT/US2009/062074 patent/WO2010053739A2/en active Application Filing
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020174369A1 (en) * | 2001-04-24 | 2002-11-21 | Hitachi, Ltd. | Trusted computer system |
US20030120601A1 (en) * | 2001-12-12 | 2003-06-26 | Secretseal Inc. | Dynamic evaluation of access rights |
US20060120526A1 (en) * | 2003-02-28 | 2006-06-08 | Peter Boucher | Access control to files based on source information |
US20050251508A1 (en) * | 2004-05-10 | 2005-11-10 | Masaaki Shimizu | Program and method for file access control in a storage system |
US20080189767A1 (en) * | 2007-02-01 | 2008-08-07 | Microsoft Corporation | Accessing file resources outside a security boundary |
Also Published As
Publication number | Publication date |
---|---|
US20100122313A1 (en) | 2010-05-13 |
WO2010053739A2 (en) | 2010-05-14 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2010053739A3 (en) | Method and system for restricting file access in a computer system | |
Stewart | Eight days: the battle to save the american financial system | |
WO2010065271A3 (en) | Systems and methods for providing continuous file protection at block level | |
WO2008092031A3 (en) | Computer system architecture having isolated file system management for secure and reliable data processing | |
WO2008051792A3 (en) | Data file access control | |
WO2007005048A3 (en) | Methods and apparatus for implementing context-dependent file security | |
WO2009155146A3 (en) | Digitally signing documents using identity context information | |
Bjørling et al. | The Necessary Death of the Block Device Interface. | |
McCrudden | Procurement and fairness in the workplace | |
Carraro et al. | FEEM Sustainability Index Methodological Report 2011 | |
WO2008033939A3 (en) | Contextually analyzing data in tabular and graphical reports | |
WO2008114316A1 (en) | Electronic document management device and electronic document management program | |
Kolokolova et al. | Systematic and idiosyncratic risks of changes in CDS spreads | |
Milosevic | Android Security: Malicious use of Android permissions | |
Habbig | Privacy, data protection and medical apps–a threat to patient safety? | |
Kviatek | Regaining the organisational trust in the fossil fuel industry: challenges and opportunities | |
Dunne | Artwork published in Abridged Magazine | |
Csurcsia et al. | B-spline based nonparametric system identification | |
Egan | Policing intermediaries in the EU anti-money laundering framework | |
McEwan | There is no such thing as a male midwife! | |
Eckert et al. | Document interoperability. Open document format and office open XML | |
WEST | Evidence-based policing: An inconvenient truth? | |
Hartill et al. | The Future of Safeguarding in Sport | |
Woods | Integrating risk management with performance management | |
Boulus-Rødje | The Travel to the Hidden Lives of the Electronic Medical Record (EMR): Society for Social Studies of Science |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 09825220 Country of ref document: EP Kind code of ref document: A2 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 09825220 Country of ref document: EP Kind code of ref document: A2 |